Skip to content

Commit

Permalink
tests: contid: add test for capcontid
Browse files Browse the repository at this point in the history
Signed-off-by: Richard Guy Briggs <[email protected]>
  • Loading branch information
rgbriggs committed Jun 26, 2020
1 parent abee6de commit dd613b6
Showing 1 changed file with 43 additions and 1 deletion.
44 changes: 43 additions & 1 deletion tests/containerid/test
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@ use strict;
use File::Temp qw/ tempdir tempfile /;
use Test;
use IO::Handle;
BEGIN { plan tests => 34 }
use Sys::Syscall; #perl-Sys-Syscall.noarch
require 'syscall.ph';
BEGIN { plan tests => 37 }

###
# functions
Expand Down Expand Up @@ -65,6 +67,7 @@ my $contid2 = int( rand( 1 << 63 ) );
my $contid3 = int( rand( 1 << 63 ) );
my $contid4 = int( rand( 1 << 63 ) );
my $contid5 = int( rand( 1 << 63 ) );
my $contid6 = int( rand( 1 << 63 ) );

###
# tests
Expand Down Expand Up @@ -343,6 +346,45 @@ while ( $line = <$fh_out> ) {
ok( $contid4_found, 1 ); # Was the contid4 message well-formed?
ok( $contid5_found, 1 ); # Was the contid5 message well-formed?

# Test capcontid set
# Start sleep to provide target task
my $taskcap_pid = fork();
my $resultcap;
if ( not $taskcap_pid ) {
$! = 0;
$result = syscall( &SYS_unshare, 0x10000000 ); #CLONE_NEWUSER
if ( $result == -1 && $1 == 0 ) {
print "syscall SYS_unshare failed with errno:" . $! . "\n";
}
sleep 2;
my $taskcapchild_pid = fork();
if ( not $taskcapchild_pid ) {
sleep 2;
exit;
}
open( my $contidfd, '>', "/proc/$taskcapchild_pid/audit_containerid" );
$contidfd->autoflush(1);
$resultcap = print $contidfd $contid6;
close($contidfd);
if ( not $resultcap ) {
$resultcap = $!;
}
close($contidfd);
exit $resultcap;
}
sleep 1;

# Test set
open( $contidfd, '>', "/proc/$taskcap_pid/audit_capcontainerid" );
$contidfd->autoflush(1);
$result = print $contidfd "1\n";
close($contidfd);
ok( $result ); # Did set capchild without init cap fail?
ok( $taskcap_pid > 0 ); # Did taskcap start ok?
my $wait_cap = wait();
$resultcap = $? >> 8;
ok( $resultcap != 1 ); # Did set fail with capcontid?

if ( defined $ENV{ATS_DEBUG} && $ENV{ATS_DEBUG} == 1 ) {
print "\ndebug: start\n";
if ( !$contidself_found || !$resultself ) {
Expand Down

0 comments on commit dd613b6

Please sign in to comment.